updating

CSVD · Aug 8, 2024 · de2023b · de2023b
2 parents 9cc519f + fb3a900
commit de2023b
Show file tree

Hide file tree

Showing 6 changed files with 38 additions and 73 deletions.
diff --git a/.github/workflows/sync-to-codecommit.yml b/.github/workflows/sync-to-codecommit.yml
@@ -7,25 +7,8 @@ on:
 
 jobs:
   sync:
-    runs-on: ubuntu-latest
+    runs-on: image-pipeline
 
     steps:
     - name: Checkout code
       uses: actions/checkout@v2
-
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: us-gov-west-1
-
-    - name: Sync to CodeCommit Goss Testing
-      run: |
-        git remote add goss-upstream ssh://git-codecommit.us-gov-west-1.amazonaws.com/v1/repos/image-pipeline-goss-testing
-        git push goss-upstream main --force
-
-    - name: Sync to CodeCommit Ansible Playbooks
-      run: |
-        git remote add ansible-upstream ssh://git-codecommit.us-gov-west-1.amazonaws.com/v1/repos/image-pipeline-ansible-playbooks
-        git push ansible-upstream main --force
diff --git a/.github/workflows/terraform-apply.yml b/.github/workflows/terraform-apply.yml
@@ -0,0 +1,36 @@
+# This is a basic workflow to help you get started with Actions
+
+name: CI
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the "main" branch
+  push:
+    branches: [ "main" ]
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+  # This workflow contains a single job called "build"
+  build:
+    # The type of runner that the job will run on
+    runs-on: [ image-pipeline ]
+
+    # Steps represent a sequence of tasks that will be executed as part of the job
+    steps:
+      # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+      - uses: actions/checkout@v3
+
+      - uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_wrapper: false
+
+      # Runs a set of commands using the runners shell
+      - name: Run a multi-line script
+        run: |
+          terraform init -upgrade
+          terraform apply -auto-approve
+        env:
+          AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_ACCESS_KEY_ID=${{ vars.AWS_ACCESS_KEY_ID }}
diff --git a/README.md b/README.md
@@ -1,34 +1,2 @@
 # aws-image-pipeline
-Terraform Workspace for creating and managing AWS Image Pipelines
-
-
-
-To SSO Login: 
-aws sso login --profile 229685449397-csvd-dev-gov.inf-admin-t2
-
-export AWS_PROFILE=229685449397-csvd-dev-gov.inf-admin-t2
-
-aws sts get-caller-identity
-
-
-Git Syncing / Mirroring:
-
-git remote add ansible-upstream https://git-codecommit.us-gov-west-1.amazonaws.com/v1/repos/image-pipeline-ansible-playbooks
-
-git remote add goss-upstream https://git-codecommit.us-gov-west-1.amazonaws.com/v1/repos/image-pipeline-goss-testing
-
-git push origin main --force
-git push ansible-upstream main --force
-git push goss-upstream main --force
-
-rebecaa linn : She does x86 (get context for ARM)
-
-
-cd ~/.aws/
-
-terraform plan -out=plan.out | tee terraform_plan.log
-
-#Formatting error command
-yamllint 'file name'
-
-
+Terraform Workspace for creating and managing AWS Image Pipelines.
diff --git a/linux.tf b/linux.tf
@@ -27,7 +27,6 @@ module "amazon_linux" {
     name =  aws_s3_bucket.assets_bucket.bucket
     key  =  "linux-image-pipeline.zip"
   }
-  # packer_repo   = data.aws_codecommit_repository.linux
   ansible_repo  = data.aws_codecommit_repository.ansible
   goss_repo     = data.aws_codecommit_repository.goss
   goss_profile  = "base-test"

diff --git a/rhel.tf b/rhel.tf
@@ -27,12 +27,3 @@ module "rhel" {
   source_ami    = "ami-03fadeeea589a106b" # x86_64 compatible AMI
   instance_type = "t3.micro"              # x86_64 compatible instance type
 }
-
-output "rhel_iam_arn" {
-  value = module.amazon_linux.iam_arn
-}
-
-output "rhel_parameters" {
-  value     = keys(module.amazon_linux.parameters)
-  sensitive = true
-}
diff --git a/windows.tf b/windows.tf
@@ -35,15 +35,3 @@ module "windows" {
   instance_type = "t2.xlarge"             # x86_64 compatible instance type
 }
 
-output "winrm_password" {
-  value = nonsensitive(random_password.winrm.result)
-}
-
-output "windows_iam_arn" {
-  value = module.amazon_linux.iam_arn
-}
-
-output "windows_parameters" {
-  value     = keys(module.amazon_linux.parameters)
-  sensitive = true
-}